I use Kong as API Gateway for my services which should be OAuth-protected using the Client Credentials flow. Right now, I implemented this using the jwt-keycloak plugin. Everything's fine, I request an auth-token from Keycloak and pass it on with my request towards Kong. Works great.
But there is also the official OAuth2 plugin, and I try to find out what that OAuth2 plugin would to better for me in contrast to the jwt-keycloak plugin? What are the differences, or when to use which of these?
OAuth 2.0 Authentication Plugin is the equivalent of a Keycloak. Kong doubles up as an authorization server if you add the above plugin.
The plugin you are using - jwt-keycloak is more like a validator, that checks for the validity of the tokens issued by Keycloak before passing the request to the backends you host on Kong.